On 11/28/2011 12:31 PM, John Levine wrote:
I would be interested in a brief explanation of why we need one now, since we have gotten along without one for multiple decades. Having worked with a lot of lawyers, my experience is that few lawyers understand cost-benefit tradeoffs, and often recommend spending unreasonably large amounts of money to defend against very remote risks. Similarly, insurance agents will usually tell you to insure against anything. (This is why NDAs are 12 pages long, and the standard deductible on policies is usually an order of magnitude too small.)
(speaking on own and without any IAOC/Trust background on this topic, and most certainly with little knowledge of legal issues in this realm. But 'little' is not 'none'.)
The IETF is a very different place now, than it has been for the multiple decades preceding. Many participants have no sense of the original culture. They come in with whatever other cultures they've been exposed to, or with no background at all. Also, most participants in the IETF have no natural or trained sense of trust-violating boundaries.
I also have some concern about increased company "orchestration" of some IETF work, which would seem to invite anti-trust concerns. That's a vague statement and is meant to be. But vague doesn't mean without foundation.
IMO, that makes it reasonable to have at least a basic statement on the topic. I think it needs to be cast in IETF cultural terms and delivered in an IETF style. So, for example, having every participant sign a statement of awareness of the policy or having a multi-page policy would not make sense for the IETF.
But something probably would. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf